You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2012-09-08 12:09:02
- Mr Green
- Forum Fellow
- From: U.K.
- Registered: 2003-12-21
- Posts: 5,899
- Website
Small home web server set up
I am building an Arch based lighttpd web server with ssh access, using an atom based system I have.
Specs are
1.6Ghz Dual Core Cpu
2 Gig of ram
250gb Sata Hard Drive.
lighttpd uses /srv for web based stuff so I am looking at possibly file sharing via web and local backup via ssh
As there will be no X gui stuff install will be console based with autologin, trying to figure out the best possible scheme for hard drive partitioning.
Was going to go with either one or two [/root & /home] but /srv needs room for storage not keen on the idea of using /home for file sharing as it could be a possible security risk.
Backup would go via ssh/sshfs (nfs is on the cards but not really worth setting up for what I need)
Mr Green
Offline
#2 2012-09-08 12:14:04
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,600
- Website
Re: Small home web server set up
File sharing over web? Wouldn't samba be a better choice? Anyway, seems like you want a dedicated data partition, not specifically a /srv partition.
/ and optionally /home
/data
You can use symlinks within /srv to point at /data/foo
Last edited by graysky (2012-09-08 12:14:38)
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#3 2012-09-08 12:33:29
- Atragor
- Member
- Registered: 2009-02-28
- Posts: 59
Re: Small home web server set up
AFAIK, using samba for sharing files over the internet is insecure and is not recommended, I'd prefer an FTP server (for example, vsftpd). You can use "mount --bind" to mount the specific folders into /srv. So, the setup would be something like this:
about 20 GB for / (actually it's quite too much, especially if you are going to clear /var/cache/pacman from time to time)
/home
mount --bind /home/some_folder /srv/share/some_folder
If you store top-secret files on your computer, FTP can be additionally secured with Tomoyo, which is available in Arch out of the box 
Last edited by Atragor (2012-09-08 12:37:34)
Offline
#4 2012-09-08 12:50:11
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,600
- Website
Re: Small home web server set up
AFAIK, using samba for sharing files over the internet is insecure and is not recommended
Totally agree. The op said it was a home server which I assumed would with LAN accessed only. Poor assumption on my part perhaps. I would recommend a hardened sshd setup using scp through a GUI like FileZilla in this case. Very secure when setup properly and same familiar FTP-like interface.
Last edited by graysky (2012-09-08 12:52:04)
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#5 2012-09-08 13:04:08
- defears
- Member
- Registered: 2010-07-26
- Posts: 218
Re: Small home web server set up
I went the easy way and created a new user just to serve with http and keep all that media in there because it doesn't change, I just add to it. And symlinked /srv/http to the new user so root doesn't have to be big and my real user account doesn't change permissions because you have to chmod+x you're home folder to link to /srv. Uggh.
Offline
#6 2012-09-08 13:18:35
- Mr Green
- Forum Fellow
- From: U.K.
- Registered: 2003-12-21
- Posts: 5,899
- Website
Re: Small home web server set up
Currently base install plus ssh and lighttpd weigh in at 614mb, of course /var/log will start filling up plus updates etc...
Was thinking more like 10gb for /root, seems to be plenty, 2Gig of ram might get away without sawp [can always add swap file!]
Like the idea of linking /srv/http to /data in /home
Can ssh into /home locally without a problem
Yes do want to serve up some files to the web but only basic configs,scripts nothing that needs total lockdown.
Mr Green
Offline
#7 2012-09-08 15:01:02
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,600
- Website
Re: Small home web server set up
Yes do want to serve up some files to the web but only basic configs,scripts nothing that needs total lockdown.
Total lockdown is required when opening up to the WAN in my opinion. Just because you are serving up trivial stuff doesn't mean that a hacker can't get into your system and do much more. If you plan ONLY to serve up files for family/friends and not the 'net at large, just run the server behind the firewall only. Make guests access via ssh forwarding the http port thereby enabling a VPN of sorts through ssh. I do this all the time. It is very secure.
Example forwarding port 5900 on the remote box to 5900 on the local box and port 80 on the remote box to 10080 on the local box:
$ ssh mars -L 5900/localhost/5900 -L 10080/localhost/80CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#8 2012-09-08 16:41:04
- Mr Green
- Forum Fellow
- From: U.K.
- Registered: 2003-12-21
- Posts: 5,899
- Website
Re: Small home web server set up
I am port forwarding via no-ip to a hight port, might add password protection to folders... on web server
ssh I normally only need local access, but your suggestion for [WAN] may be something I add down the line.
Thank you for your help
Mr Green
Offline
#9 2012-09-10 11:13:58
- Mr Green
- Forum Fellow
- From: U.K.
- Registered: 2003-12-21
- Posts: 5,899
- Website
Re: Small home web server set up
I set up server and I can ssh in think I have got the wrong symlink set up as
ln -s /srv/http $HOME/data did not work correctly, get http linked but nothing shows up in /data other than linked folder...
Mr Green
Offline
Pages: 1